A Culture Shift: IT Security to Smart Grid Security

With the global excitement and opportunity of the Smart Grid, a lot of historically IT-focused companies, including Cisco, are entering the market. It’s important to note that there are unique characteristics of the grid when attempting to apply IT security solutions. In this post I’ll focus on the primary goal of power generation and delivery: reliability. In subsequent posts I’ll discuss other security requirements of the grid (such as integrity, authentication, and confidentiality), and how we can apply lessons learned from the IT sector.

To better understand the culture shift from securing IT systems, we need to clarify the focus of grid security. In the IT world, we often focus on protecting information. For example, in United States Department of Defense circles, security is usually referred to as Information Assurance. Smart Grid security (usually called “cyber security,” or just “cyber” by electric sector practitioners) however, concerns itself with making sure that systems continue to operate in the case of a security event. An equivalent term for the grid would be “Continuation Assurance.” The smart grid community considers the potential to affect system reliability a cyber security issue, from disgruntled insiders to operator error or a deliberate attack from the outside that affects any portion of the grid – substations, data centers, operations centers, neighborhood area networks, and eventually homes. The effectiveness of cyber security measures will be judged mainly on their contribution to keeping the systems running!

Why is reliability key to the grid?

We often think of financial consequences when IT systems fail – customers cannot place transactions, users are not able to access systems to do their jobs, and communication along the supply chain is impacted. In addition to these consequences, the grid contains systems that are much more sensitive to failure, such as nuclear power plants, hydroelectric dams, coal-fired generation plants, gas generators, and high-voltage transmission lines. Physical consequences have been demonstrated as the result of cyber security compromises, such as in this Department of Homeland Security video known as the “Aurora Generator Test”:

Many utilities are regulated by the North American Electric Reliability Corporation (NERC), designated by the Federal Energy Regulatory Commission to enforce reliability standards on the “Bulk Electric System.” “Bulk Electric System” includes most generation and transmission utilities that operate systems at 100 kilovolts or higher. NERC has the authority to levy fines on utilities that do not meet reliability standards. Note that the regulation focuses on reliability standards over security standards. Cyber security has its place, of course, as a subset of the NERC reliability standards, and they are known as Critical Infrastructure Protection, or CIP standards.

IT security technologies such as firewalls, protection from denial of service, and intrusion detection & prevention can help mitigate many deliberate attacks and help to prevent accidental violations from propagating through the network. Redundant systems and multiple paths, while not strictly security technologies, can also increase the resilience of the network. A combination of product and architectural approaches will ultimately be needed to properly build a reliable grid network.

The bottom line is that cyber security architectures must be designed to ensure that breaches do not impact system operation. This will often mean that systems fail-open to certain types of security events, and audit logs and other forensic information will be used to correct and prevent future events. Remediation processes will need to be developed that accommodate changes to running, production systems. Designing resilient smart grid systems that scale to the size of the grid, and that remain within cost constraints are a significant challenge, but should be a key goal of product manufacturers and systems engineers.

Leave a comment

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

All comments in this blog are held for moderation. Your comment will not display until it has been approved

Right on, Dave ... Great stuff. We agree it seems, that perhaps counter intuitively, Smart Grid apps and security tech, deployed well and with sound policy, will make the power system simultaneously less secure and yet more flexible, reliable and efficient. Will keep my eye on your blog for sure!

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.